How do I update the load balancer certificate for my Deep Security AWS Quick Start deployment?

The Elastic Load Balancing (ELB) load balancer used by the Deep Security Manager is initially configured to use a self-signed certificate for HTTPS connections. This might result in a "Your connection is not private" browser error when you try to access Deep Security Manager. You can still proceed to Deep Security Manager by clicking Advanced and clicking the Proceed to link but you will continue to see this error until you update the load balancer certificate.

Certificate error

If you plan to use the Trend Micro Deep Security Quick Start as the basis for a production deployment and not just as a proof of concept, we strongly recommend that you update the self-signed certificate to a certificate that is signed by a trusted Certificate Authority.

In order to obtain a signed certificate, you will be required by the Certificate Authority to specify a formal subdomain (for example, deepsecurityconsole.mycompany.com) and use this to access the Deep Security load balancer.

Update the Security Certificate of the Load Balancer

  1. Register a domain name that you will use to access Deep Security Manager.
  2. Obtain a certificate for this domain from a trusted Certificate Authority.
  3. Add the certificate to your certificate store.
  4. Update the DNS settings of the load balancer to use the new domain name.
  5. Replace the SSL certificate of the load balancer.